Provide Honeypot spam protection for SilverStripe CMS. Create a form field hidden from users that invalidates submission if it contains any data. Also invalidate submissions that respond to quickly.
- SilverStripe 3.1.0 and newer or 3.2 and newer.
- SilverStripe SpamProtection 1.2 or newer.
Run the following to add this module as a requirement and install it via composer.
$ composer require studiobonito/silverstripe-spamprotection-honeypotCopy the 'silverstripe-spamprotection-honeypot' folder to the root of your SilverStripe installation.
Create a configuration file spamprotection.yml in mysite/_config with the following configuration.
---
name: spamprotection
---
FormSpamProtectionExtension:
default_spam_protector: '\StudioBonito\SilverStripe\SpamProtection\Honeypot\SpamProtector\HoneypotSpamProtector'Then enable spam protection on your form by calling Form::enableSpamProtection().
public function ExampleForm()
{
$form = new ExampleForm($this, 'Example');
$form->enableSpamProtection();
return $form;
}You can change the amount time that is checked to see if the response is made too quickly with the following configuration.
StudioBonito\SilverStripe\SpamProtection\Honeypot\FormField\HoneypotField:
time_limit: 1This example changes the time to 1 second. The default is set to 5 seconds.
$ phpunitPlease see CONTRIBUTING for details.
If you discover any security related issues, please email [email protected] instead of using the issue tracker.
The BSD-2-Clause License. Please see License File for more information.